Title

DATA

Responding to the threat of ransomware

Following recent local government ransomware attacks – and a warning from the cabinet office – Dr Andrew Larner considers what councils can do to boost cyber security.

Earlier this week, Dan Peters reported (The MJ 17 November 2020) that council chief executives have been warned by the Cabinet Office and National Cyber Security Council (NCSC) that there is an ‘urgent need' to take steps to mitigate the threat of a ransomware attack on the sector.

Ransomware is growing as a tactic amongst cyber criminals and, equally concerning, the use of as a service is now commonplace. 

Criminals are creating attacks specific to individual councils and local government; recent headlines about successful attacks on Redcar & Cleveland and Hackney councils exemplify the devastation to local services ransomware causes, not to mention the eyewatering costs of attempted recovery. The NCSC states: ‘Criminals highly likely view them as a lucrative target for extortion…'

Which means it's not a question of whether you'll be attacked, but when.

In 2019 iESE completed a research project on digital and technology. Two things were clear: current protection technology for the edge of our infrastructure is on its last gasp, and none of our current edge protection works when our infrastructure incorporates connected operational technology.

iESE is constantly seeking ways to support local government and following our digital research we looked for new technologies to fill the enormous, exploitable gaps left by traditional cyber protection offerings.  We found one, AppGuard. It works in an entirely new way.  It's trusted by the military and major financial institutions. We have been trialling it in UK council environments for six months and it is the only technology to protect your systems from attacks never seen before (a zero-day defence).

It was originally developed for US Defense organisations to secure field operatives returning from hostile environments. The technology operates differently to antivirus and detect and respond systems by blocking malicious processes from detonating, which means that, even if one of your workers inadvertently opened a document containing a hidden malicious code, it would not activate and could do no harm, leaving workers unaffected and able to continue their vital roles.

Local authorities typically call on the services of NCSC and their partners to help consolidate and rebuild affected systems during cyber emergencies; AppGuard could be deployed to assist this process by dramatically reducing the time and cost of rebuilding systems.

Key difficulties that forensics teams face include identifying which applications and files are infected; understanding how the malicious code is activated on systems and files and recognising whether it is persistent. They also need to feel secure that re-infection will not occur during rebuild and that back up files are safe to restore.

AppGuard will block all malicious processes and subprocesses even if they have not been previously identified during the emergency, it does not require previous detection or identification of malicious activities to work, nor does it require connection to the internet. It will provide forensic data on all suspicious and malicious activity during the rebuild, without impacting the rebuild itself. Providing total visibility and control to your incident response teams.

We will be running a live cyber defence demonstration. To register your interest please click here.

Dr Andrew Larner is chief executive of iESE

DATA

Coaching the public sector's future

By Rebecca Davis | 30 October 2025

Rebecca Davis explains why every leader needs time to think – and how structured, high-quality coaching is already having an impact across the West Midlands.

DATA

The move to digital networks: preparing local authorities for a connected future

By Professor Sultan Mahmud | 29 October 2025

BT is working with local authorities across the UK to prepare for one of the most significant network changes in decades: the move from the ageing copper tel...

DATA

What is the baseline for an AI use policy?

By Iain Simmons | 27 October 2025

Iain Simmons sets out the minimum requirements for an effective AI use policy which can be adapted to businesses and organisations of every size.

DATA

Transforming local government

By Emma Foy | 16 October 2025

How TechnologyOne is powering a smarter future for London boroughs.

Dr Andrew Larner

Popular articles by Dr Andrew Larner